Domain: techtarget.com
Stories and comments across the archive that link to techtarget.com.
Comments · 663
-
keyboard shortcuts, poor-man's foot mouse
My problem was solved by setting the numeric keypad (using Windows 2000) to control the mouse. I use the mouse (with my left hand) to move the pointer, but when I need to click, I press the "5" button on the numeric keypad with my right index finger. Separating the two actions like this has made my problem go away.
This site is great:
http://labmice.techtarget.com/articles/keyboard.htm
My wife tried a different approach which works great for her: She wired up 3 microswitches, attached to a 2x4, such that the wires are "dot-or'd" directly into the wiring of an ordinary mouse. It's a heck of a lot cheaper than a footpad. But it's really the same fundamental solution (separating the clicking motion from the hand that's moving the mouse). -
van Eck?
Is this the same Wim van Eck that's known for van Eck phreaking; i.e. using radiation from a CRT to replicate what's being displayed on said CRT?
http://whatis.techtarget.com/definition/0,289893,sid9_gci550525,00.html
"This term combines the name of Wim van Eck, who in 1985 authored an academic paper that described this form of electronic eavesdropping, with the term phreaking, the earlier practice of using special equipment to make phone calls without paying. Van Eck phreaking is identified in the U.S. government project known as Tempest and, although some information remains classified, has probably been used to spy on suspected criminals and in espionage." -
Parent is commercial spam troll?
I bet you work for fortigate or packeteer.
Firewalls are pretty much workarounds for people too lazy to secure the machines in their network, and it's perfectly OK to do your security well without firewalls.
That said, all my Windows boxes do depend on external firewalls (and from TFA I linked to, the San Diego Supercomputer Center does this as well), because I fully admit I'm too lazy to figure out how or if those things can be secured. But for any higher-end OS you don't need one. -
Re:Gone are the days?
Since when has MS released year-named products before that year?
Windows 98 release date - June 25, 1998
Windows 2000 release date - Feb 17, 2000
Office 2003 release date - Oct. 21, 2003 -
Re:Drive-by-downloads
Untrue. Drive by downloads are a real problem for many (if not most) IE users. If a malicious site is coded just right, no user interaction is needed to install.
-
Re:True, but ridiculous! Ever hear of "prevention"
This doesn't work.
Modern rootkits cannot be removed without booting from "known-good" media.
Once your system is owned, unless it is by a script kiddie du jour, you *have* to wipe and reformat. There's simply no other way to know that you clear out the infection. A high-end rootkit that has successfully taken over your system will not expose itself to malware scanners.
Here's a quote for ya:
According to Russ Cooper, who founded and moderates the NTBugtraq newsletter, looking for the kinds of techniques that rootkits use is a good idea. But Cooper doesn't think that rootkit infections are on the rise. "Rootkits are no more prevalent now than they've ever been," he believes. And as for rootkit removal tools, Cooper remarks that "only a person with very little knowledge would try to remove a rootkit," adding that the one certain cure is to wipe the hard disk and reinstall the OS. Mikko Hypponen, F-Secure's director of antivirus research, mostly concurs with Cooper, but points out that Blacklight can address situations where no known good backup is available.
If you maintain md5 signatures of all your installed executables, and you boot from known-good media (read only), perhaps you can verify that your system is clean. If you're booting into an infected system, however, all bets are off. The long and the short of it is that virus/malware tools are only really useful as tripwires. Once you've found something that shouldn't be there, you've already lost. The exception, of course, is things that are caught at the entry points; virus scanners on incoming attachments, or network shares and the like.
That worm you found in system ram, with copies all over $WINNT\system32; don't even bother. You're screwed already.
Although that might be a quick-and-clean way of restoring your system in the event of a catastrophic infection (yes, I admit that phrase sounds weird), it's absolutely ridiculous to say that the only way to insure safety is to make an image. Bullshit. It's called "preventative actions."
In the event of catastrophic infection, it is a decent assumption to assume that a sophisticated rootkit has made its way into your system. Unless you think your preventative action is 100% effective, maintaining backup images of ANY Windows system on a regular basis is necessary.
You make it sound like keeping a Windows system clean is easy. Statistically, that's simply not the case. Check out my links here. Roughly 85% of PCs worldwide are infected with some kind of spyware, and 20% of PCs worldwide are infected with viruses. Keep in mind that most of those results are corporate PCs, not home users.
Preventative action as your Maginot line makes sense in situations like the Measles, where we have virtually eradicated the disease. In the computing world, where infections are rampant, preventative action should only be one tool in your arsenal. -
Re:Cue the snarky Linux/MacOS comments,
I guess the systems I've kept uninfested for years without reinstalling are just figments of my imagination ?
Most likely, yes.
Between spyware and viruses/worms, 80-90% of systems are infected with some kind of malware.
Microsoft itself indicates that its worm removal tool scores about 200 million successful "hits" per month.
Saying that you keep a Windows system clean is no different than saying you run a Linux desktop. Neither is out of reach for a power user; both are not the norm.
I'd be willing to bet money that in a three way study, of casual users, you'd see the following results in terms of "ease of achievability":
1. Transition to Mac OS X as a primary desktop.
2. Transition to Linux as a primary desktop.
3. Maintaining an uninfested Windows system.
That is, if you had a large enough sample size so that you would actually see some casual users successfully achieve #3.
Viruses/malware are not a joke. Your anecdotal evidence proves absolutely nothing; statistically, the vast majority of computer users are infested, badly. More computer users are infested with viruses/malware than vote in the presidential election. More computer users are infested than support ANY given political issue, *including* the concept of first amendment rights.
Statistically, you are in a minority category similar to OS X users and Linux Desktop users. The level of sophistication (or at least market savviness) needed to achieve your position is no less than for those of us administering Linux Desktops, and probably significantly higher than people who use OS X as a primary desktop. -
Re:PC != Windows.
The only real thing that makes YOU susceptible to get a virus is YOU.
When you get a .vbs file or an unknown incoming bluetooth file transfer, it's your personal knowledge that is gonna be the key factor.
While I agree that user interaction is responsible for many problems, what if your OS picked up & executed executable attachments without user interaction? (see, the OS is important)!
BTW, what do you mean by a "decent O/S" ?
* One with good privilege separation?
* One where you don't run as superuser by default?
* One where you can do most useful tasks (run an office suite, use usb devices) without being the superuser?
* One which doesn't artificially separate into a "Home" and "professional" editions - of which, the home edition has missing security features
Like OpenBSD is the greatest OS for running games...
If you want to play semantics, then it depends what you mean by "games" - openBSD is far more capable of running old dos games under emulation than windows XP... -
yeah...
this explains all....bunch of slackasses!
-
Re:Yeah for competition
Many on these boards will argue it's because Microsoft's products are such easy targets. And many others will say it's because Microsoft has such a large installed base. However, I think the reasons Microsoft products are targeted the most have more to do with the motivations of the hackers, which, in my estimation, are envy and resentment. After all, inflating the number of machines infected or damaged does not really materially benefit the hackers.
Based on this comment, I believe you don't really understand how the organized black hat / cracker community largely works. Now I don't know everything about this underground and somewhat secretive community but I do know a few things.
Exploiting and taking control of under protected PCs is now big money. Most of the biggest crackers do this stuff for money and to amass control of thousands of home PCs (and servers to a much lesser degree). When I say "under protected PCs", I'm talking about PCs owned by people who don't use Windows Update at all / often enough, don't have firewalls and don't have any / adequate antivirus solutions on their PCs.
If you control a bot net of 10's or even 100's of thousands of PCs, then you have a lot of power. You can use these zombies as spam sending boxes, or rent them out to people who use them for DDoS attacks and what have you. Also, crackers get paid good money for finding unpublished exploits that malicious groups will use to exploit windows to take control of PCs. The reason you see fewer servers exploited is because home PCs are such easy pickings, why go after a server where there may be added protection in your way, or worse, a responsible admin watching the box?
Sure there are still some losers living in their mom's basement who create a virus and unleash it on the Internet "just for fun", but the big players are far more organized and sinister. -
Re:Question
That is correct. Usually Zero-Days are released by the person who found the hole/bug/exploitable code. At times this is due to someone who actually has a hand in the code and knows these weak points lets it slip or designs it him/herself, but that is not a requirement. Here is an article you can check out: zero-day
-
Re:Layer 2 Protocols Run the Internet?
Spanning tree has nothing to do with routing. The following may be useful to anyone who would like a refresher on the topic: http://searchnetworking.techtarget.com/sDefinition/0,290660,sid7_gci214602,00.html You may also want to check out the idea of 'time to live' (TTL) which is used for preventing routing loops. -
Re:Spam?
Then nobody would ever be able to get emails from wives and girlfriends anymore.
Well, if your S.O.'s emails look like they came from (what I just learned is called) a hash buster, then (s)he either really is a robot, or (s)he needs to be treated for this. -
1386 Violation
Most of the comments about this article are FUD, UCB is bound by the same Senate Bill 1386 as all the rest of the UC campuses.
Which means that if a security breach exposes personal or confidential information it must be reported to the state and any individual it affects, creating a whole legal mess. All UC system administrators (myself one of them) take security very seriously and do everything we can to avoid a 1386 incident. Working at a large educational institution and being a constant target of spam and cracking groups is trying, but I can tell you that UC has a very tough stance on securing our systems.
-
Re:Great news.
Looks like it's a new word from 2000 : http://searchwebservices.techtarget.com/sDefinition/0,,sid26_gci342237,00.html
Or at least 2002 : http://web.archive.org/web/*/http://searchwebservices.techtarget.com/sDefinition/0,,sid26_gci342237,00.html -
Re:My Question Is...
The library of congress would take about 10 terabytes
-
Re:Media Format Battle
The talks for things like holographic disks and videos were more for television stations being able to store HDTV content in more consolidated media, since prices are estimated to be $100,000 (http://searchstorage.techtarget.com/bestWebLinks/0,289521,sid5_tax404,00.html) -
Re:Lotus Notes
Furthermore, it was also more than publicly announced at Lotusphere 2006 in Orlando, along with the Mac OS/X Notes 7.x client - so yes, it's no big secret. Additionally, there's an FAQ you can consume referenced at the bottom of this post. Sadly, the Mac Notes client demo received a rousing cheer and sustained applause from the audience, while the Linux Notes client garnered only a murmur of appreciation. Maybe the audience was largely IT execs / CIO types... *grin*
IBM Workplace is separate from the Notes client altogether however certainly acts as another solid-performing client, and is predicted by market analysts to slowly replace Notes reaching a potential 45 to 50% of Domino Server client seats in 2009 (Radicati - Market Analysis Lotus Notes 2005-2009 (go buy this yourself, it's $2500 USD so I'm not sharing)). IMHO, IBM are demonstrating a move away from the language of 2005 that was kind of claiming that Workplace and Notes are all the same thing - confusion from the user community seems to have prompted this. Workplace is just another client --> IBM quotes, "Q. How does "Hannover" differ from previously discussed plans for Lotus Notes 8? A. In Lotus Notes and Domino 7, we enabled Lotus Notes applications to be surfaced within the IBM® Workplace Managed Client(TM)." (Source: Hannover FAQ as at bottom of this post). Additionally, IBM say that Hannover will consume more of the Workplace frameworks (and will possibly be eventually superseded / EOL'd).
Lastly, Hannover is not a Linux port, Hannover is simply the next version of Notes after 7.0 (probably 8.0) - and will include the usual Windows platform on the client side as well. Windows pulls nearly 80% of Domino server installs (anecdotal data from Gartner for 2005) by platform, with AIX and Solaris following at approx 7 and 6% respectively (IBM claim not to track this - I suspect because it's somewhat embarrassing).
(Other sources; http://searchdomino.techtarget.com/originalContent/0,289142,sid4_gci1098021,00.html and http://www-142.ibm.com/software/sw-lotus/products/product4.nsf/wdocs/hannoverfaq) -
Re:Oracle v. SAP? Huh?
Compiere (http://www.compiere.com/ ) comes to mind as one of the leading contenders. This is because it is Java based thus allowing components. Here are some other OSS ERP projects (http://erp5.org/ ) (http://community.igalia.com/twiki/bin/view/Fisterra/WebHome ) (http://www.google.com/url?sa=t&ct=res&cd=6&url=http%3A//www.itjungle.com/tlb/tlb022106-story01.html&ei=cT0NRO3oH4KAqwLc2rxa&sig2=5uLzyeFbC38zn2tar4ELjw ) (http://www.google.com/url?sa=t&ct=res&cd=7&url=http%3A//www.ofbiz.org/&ei=cT0NRO3oH4KAqwLc2rxa&sig2=vrPeV4du9fR0FCBlgci8xg ) OSS ERP article (http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci1102271,00.html ) There does seem to be a lot of projects surprisingly enough. -
Re:That's funny, the summary [CORRECTION]
space in original URL was the problem, I retract the rant: http://searchopensource.techtarget.com/originalContent/0,289142,sid39_gci1170532,00.html -
Re:What's happened to the moderation system???
I am not a supercomputerbuilder, but the IBM "supercomputers" are actually just "clustered machines" as far as I know. But that still doesn't make them a "cluster".
It's probably a question of definition. The CTO of Cray answered this question some time ago. Now he might be biased towards supercomputers, but the way I read it there is not much difference at the moment except that supercomputers are specifically built to have fast and broad interconnects between CPUs and an optimal way to share CPU. A cluster is built out of standard parts, therefore has less shared memory, slower inter-CPU connections etc.
Of course the supercomputer will be better, but also a factor 10 more expensive when comparing same amount of single CPU power. But I would say it's worth it, the simulations don't gain much from parallel runs on a simple ethernet-cluster, but when you go to stuff like myrinet connects it really speeds like hell :) -
Re:But it's still just Linux with a better UI, rig
Time to address the dress down.
While I do not have my Tanenbaum at this location, I will simply pull the definition from elsewhere.
Typically, a kernel (or any comparable center of an operating system) includes an interrupt handler that handles all requests or completed I/O operations that compete for the kernel's services, a scheduler that determines which programs share the kernel's processing time in what order, and a supervisor that actually gives use of the computer to each process when it is scheduled. A kernel may also include a manager of the operating system's address spaces in memory or storage, sharing these among all components and other users of the kernel's services. A kernel's services are requested by other parts of the operating system or by application programs through a specified set of program interfaces sometimes known as system calls.
The above fits the definition that I have grown up with and learned in my BSCS. That is, a kernel provides services for other processes. A micro kernel is well a small kernel, but it is STILL the kernel. In contrast, as you are obviously aware, a monolithic kernel has not only ability to provide services but links a bunch of other code in to speed things up. In a monolithic kernel we simply include all the code from the API below.
Apple OS, has the Mach kernel with a derivative set of code in user space. Some of it came from NextOS, some from *BSD, some from other OSS projects, but most from Apple itself. Just as you refer to a "derived mach kernel", there is at best, derived BSD code.
OSX is NOT BSD, any more than Linux or Windows is, for using BSD code (windows makes heavy use of BSD code, while Linux tends to borrow code until it can rewrite parts).
BTW, from my understanding of the NT kernel, it long ago left being a micro kernel. In the early days when the DEC controlled the development, it was a microkernel. But once BG re-controlled it (in NT 4.0), he pulled down a lot of user space drivers into the kernel for speed (While I have seen NT 3.2 code (yes, 3.2) from working at HP, I have never looked at NT 4 and above code; it is just what I have heard). -
Re:IDC Server Study
Anyone who believes that IDC isn't a Microsoft lapdog is sans clue and should be ignored. Obviously you sit in that camp. A 5 second trip to google and searching for "Microsoft funded IDC survey" yields 161,000 hits. http://www.google.com/search?hl=en&q=Microsoft+funded+IDC+survey History does not lie in this case. Anything from IDC which both touts Microsoft as a leader over *NIX and then espoused immediately by Microsoft has historically been funded by Microsoft. If you consider that bat guano, then so be it. Arguing against the facts is pointless and asinine. Just a sampling.
http://www.daynesoftasia.com/English/NewEvents/THREE.htm "The report has cast serious doubts on the Microsoft-funded TCO study undertaken by IDC"
http://searchopensource.techtarget.com/originalContent/0,289142,sid39_gci885961,00.html "A Microsoft-funded IDC report that claims that the Linux TCO is 13% higher than an equivalent MS Windows solution"
http://www.computerworld.com.au/index.php?id=1449308906&fp=16&fpid=0 "The Yankee survey is just the latest to compare the TCO (total cost of ownership) of Windows and Linux, but is the first (unlike those from Jupiter Research Inc., Forrester and IDC) that have not been requested and funded by Microsoft."
http://www.wininsider.com/news/?8861 "The Microsoft Partner Program got high marks from industry analysts at IDC in a recent survey comparing the channel programs of 25 top software vendors."
http://www.computerworld.com/managementtopics/outsourcing/itservices/story/0,10801,85963,00.html "Last month, some IT professionals reacted angrily to a Microsoft-funded report released by Cambridge, Mass.-based Forrester Research Inc. that concluded that developing and deploying Web-based portal applications is substantially less expensive using Microsoft technology than it is using a Linux/J2EE combination [QuickLink 41320]." -
Re:stop the jpegs!
Each 'pixel' in a digital camera only has one color (red, green, or blue typically, sometimes white (Sony), other colors could be used)
That is wrong. What you're describing is often called a "sub pixel". A pixel in digital imaging is usually defined as a combination of red, green and blue sub pixels. For a Truecolor image, that means that each pixel has 24 bits (8 bits per sub pixel). For a raw 13MP image that's 39MB.
A one megapixel camera has one million blue photo detectors, one million red photo detectors and one million green photo detectors.
(here's another link for you)
-
You're a moron.
http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999041209131106
Care to argue with Symantec on the definition?
How the hell did My above post get modded 'troll' anyways? There's your proof. Oh, need more proof?
How... http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
About... http://www.computer-lynx.com/a-virus-or-worm.htm
THIS??? http://expertanswercenter.techtarget.com/eac/knowledgebaseAnswer/0,295199,sid63_gci980535,00.html
Someone needs to go back to computer pre-school. I knew the difference in those 15 years ago, when I was 8. Tool. -
Easy solution?
-
Re:Of that List...
IBM is rolling out GTK based Linux Notes client called the "Notes Plugin" which will be a part of their Lotus Workplace product. This article says the Linux Notes Plugin will be available later this year and this blog discusses its demo taking place at Lotusphere 2006 this week.
-
SAP, not .NET
Read the source (article), Luke!
According to the article linked to by arsdigita, this is not about .NET at all, but about SAP. It looks to me like Oracle is actively porting its middleware to Java in order to claim that they are easier to develop for and less proprietary than SAP's counterparts. Sun and Oracle will promote each other's non-competing products as a part of this deal. -
CRLs and the future
Dunno if this will get modded out of AC-land, but here goes:
For the newbs, CRLs or Certificate Revocation Lists are nothing more than lists of which certs have been revoked. If you're going to deal in non-physical access tokens (as opposed to, say, metal keys and RFID badges) you're eventually going to want to deal with the eventuality that people's lifespans are generally longer than the amount of time that they have access to your stuff. PKI is excellent for mathematically proving that no one that can't factor huge primes can get your secrets just by looking at bits on the wire, but you can't really demand that your recently fired employees surrender their keys since they could very well have made copies in advance. Now that I think about it I suppose the same is true of keys, so consider CRLs the digital equivalent of changing locks.
A CRL is a list of all the key IDs of keys that have been revoked. If you get terminated, you go on the list, and when you subsequently try to use your key, even though mathematically it works great, if you're on the CRL you get a 403 (or big guys with guns or whatever your model for Access Denied happens to be).
CRLs are as dead end as it gets. Especially if you're working with a lot of end-devices or end-users, your CRL situation is going to get fantastically out of control very quickly. Picture, if you will, the DoD. How many people do you think had keys last year who aren't entitled to them now? Sure, the really old keys expire, but the new keys that were revoked all have to be downloaded *every time* a user makes a query, or else you risk race conditions of varying severity. (One could easily imagine the race to get home and log in over the VPN to copy the Secret Plans after being fired; the amount of time a user would need to do this is about the longest you'd want to go between CRL updates. If a CRL was many megabytes large and if the authenticating device got many hundreds of requests per second you might have a problem.)
OCSP, or Online Certificate Status Protocol, is a huge step in the right direction; instead of downloading the entire CRL to the authenticating device, the device instead makes a quick call to an OCSP responder, querying the status of the cert. The OCSP has a store of CRLs which it obtains from the CA/VA, and can create a signed response containing the status of the certificate: good or revoked (or, I suppose, unrecognized or otherwise munged). Now you only have to distribute CRLs to one/several devices, instead of every one in the infrastructure.
Some groups (Corestreet, among others) have created distributed versions of OCSP which use precomputed proof lists in order to avoid the problem of distributing private keys to a network of distributed OCSP responders for use in signing OCSP responses. This D-OCSP is vastly more powerful and flexible than CRLs (and proportionally expensive).
PKI is a pretty daunting challenge to implement correctly, and it's even harder to make the other links in the chain nearly as strong as the crypto. Best of luck.
vvj -
Re:Symantec?
Not all of them. We use Symantec's IDS and AV/anti-spam appliances, both of which are just i386 linux boxes with some proprietary software and a candy-coated front-end. Just because their marketing folk badmouth open source software doesn't mean that their technical staff don't see the advantages.
You are correct. In fact, the last company I worked for swore by the Gateway Security Appliances (which are actually fairly well made) in lieu of the higher cost appliances. The whole GSA Core function runs on Linux. [Read about it here.] In 6 years, there was one failure and that was due to an error while installing a firmware upgrade. Symantec was extremely helpful in rectifying the problem and assisted that site's admin to getting things back to normal in less than an hour. Moreover, the built-in VPN capabilities were a breeze to configure and easy for the users to manipulate.
I'm not saying it's the best out there, because it's not, but for a company with a marginal IT budget it's not bad.
Xserv -
Re:Toastworthy Computing
Yeah AV *is* an extra cost. You're right there. You shouldn't have to update them manually though. Any good corporate AV solution will have systems for managing and reporting on AV deployments.
WSUS is a free tool from Microsoft for managing the testing and deployment of hotfixes.
Log files (IMO, the number one annoyance with windows systems) can be managed with scripts by using scheduled tasks, as can other mundane tasks like defragmenting. For Windows 2000 and NT4 which don't come with command line defragmentors there are free tools available that will do the job. Email reports can be sent via email by piping (c:\maintenance.cmd >> c:\daily_report.txt) the output of your scripts to a textfile and using freely available command-line mailer tools to send them.
Security and other logs can be dumped to a freely available database automatically using freely available tools.
One very valid complaint is that Windows doesn't come with these tools by default. Once you get everything together though, life becomes much easier.
I won't argue with you that UNIX is easier. An OpenBSD/Postfix box I set up about two years ago has not required a security patch yet, and if not for power outages and physical moves, would have two years of uptime right about now. -
Re:US jobs that will never leave
Civilians need to be sponsored for a security clearance - usually by a defense contractor.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1047365,00.html -
Re:Pfffft
Not trying to be an ass but it hurts the eyes when so many posts including opening article have kW wrong. It is kW not KW. It has a small k because kilo isn't taken from somebody's name.
http://whatis.techtarget.com/definition/0,,sid9_gci797759,00.html -
Re:i agree, but i disagree
Uh, I think this definition might help things out a bit (emphasis added):
A strongly-typed programming language is one in which each type of data (such as integer, character, hexadecimal, packed decimal, and so forth) is predefined as part of the programming language and all constants or variables defined for a given program must be described with one of the data types. Certain operations may be allowable only with certain data types. The language compiler enforces the data typing and use compliance. An advantage of strong data typing is that it imposes a rigorous set of rules on a programmer and thus guarantees a certain consistency of results. A disadvantage is that it prevents the programmer from inventing a data type not anticipated by the developers of the programming language and it limits how "creative" one can be in using a given data type.
Even leaving aside the obvious compile-time checking issue, how is Ruby strongly-typed if I can change the type of any variable reference willy-nilly? That's like programming in Java and declaring every variable as an instance of "Object". Sure you can shuffle Strings and Integers around all you want, but it does very little to help type-safety issues. - jonathan. -
Re:How is OOo doing in the IT world?
Although this study is over a year old, it estimates 14% of the large enterprise market as having adopted OpenOffice. Just as Gartner studies are said to be Microsoft-biased, perhaps this study might be biased in the opposite direction. But it's a favorable indicator nevertheless to even view the number of Openoffice downloads that are recorded. It's making progress...
-
More spring information
For more information about Spring check out
Developing J2EE applications without Spring? Why?
http://www.theserverside.com/news/thread.tss?thread_id=38021
Transactional J2EE Apps with Spring (Nice interactive presentation)
http://media.techtarget.com/tss/BeJUG/J2EEAppsSpring/player.html -
Gumby == Uberhacker
So does this mean that Gumby can become an uberhacker (at least when facing these biometric devices)?
More seriously... This is not new news. Previous schemes to foil the finger print scanners have been around for a good deal of time. One article I found is at http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci833464,00.html/. -
Re:Fight in Cyberspace?
Infrastructure is seen as more and more important. People here can't already have forgotten the problems when the switches in the basement of the World Trade Center were taken out 4 years ago, have they?
The best defense is a good offense.
Also, there already was a Sino-American cyberwar. Here is just one link that you may find interesting: http://infosecuritymag.techtarget.com/2002/nov/news.shtml
Cyberwarfare is happening in the current conflict in Iraq and Afghanistan. Radical Islam groups use internet technology to coordinate - but then again so does my mother's sewing club so that's not too surprising. Open Source Intelligence Gathering is useful against such efforts as is direct manipulation of the same technologies.
The war in Kosovo also involved a limited amount of cyberwarfare. That is easy enough to google up.
So, yeah, the US may have claimed to be interested in this in the 1990's and I know for a fact that Tiger Teams were in place at least as far back as 1989 but it's definitely gotten much more sophisticated and important in 2005. -
Titan Rain
It's not the complete take-down of the USA's electronic infrastructure that should worry you. After all, that would hurt everyone. This is what's more realistic:
Titan Rain was covered on slashdot before, but the linked Time article has since gone premium. A quick google search brings up this and this, though I'm not sure how reliable they are since they're random Google search results.
Ah, here's a ZDnet article. Might not all be FUD. -
Re:these are simple, just like unix!
Please, a command is anything you tell the computer to do. If you're typing it into a command line interface, it's probably a command. Also see the definition at whatis.com or here:
http://searchwin2000.techtarget.com/sDefinition/0,290660,sid1_gci211818,00.html -
Re:recalled?
The Red Book standard is for discs that contain only audio data.
What you have described, (a disc with both audio and computer data), is an Enhanced CD which falls outside the bounds of the Red Book standard.
Enhanced compact discs are a combination of modes on a multisession disc (defined by the Blue Book standard). More information about the various standards is available here.
-
Re:Who the hell
Well
... sorry for replying to my own post, but I found the link. -
Volt-Amps?
For anyone else with a basic knowledge of electricity who was confused,
Power=Voltage*Current in DC.
Converting that to units, Watts=Volts*Amps
So a watt is a volt-amp. So the units are the same.
What's the difference in the rating between P and S?
Apparent power is V*I, where both are measured the usual way - root mean square.
In AC, Actual power output is less because the current lags behind the voltage a bit. So at any given point, the power output is actually
P=S*cos(phase), where the phase is the difference between the voltage and the current waves.
VA is important because the part of the power that isn't absorbed by a device is still actually going through your system, so it could damage something.
Here's a nice overview of the three kinds of power. -
Re:Not if
Hmm... According to the following two, the company has played sock puppet for our favorite *nix hater:
http://searchopensource.techtarget.com/originalContent/0,289142,sid39_gci1079064,00.html?bucket=NEWS
http://www.groklaw.net/articlebasic.php?story=20050823081138438
Now why would MS want to cloud the issues around VoIP? Could it be that they plan on entering the market? -
Been around earlier?
According to http://searchsecurity.techtarget.com/qna/0,289202,sid14_gci955041,00.html, this worm started in 2002... or am I mistaken? -
The catch is this: change something, lose support.
What TFA is saying (while being overly general) is that when you move outside of the box to an unsupported configuration, you lose support -- and if you want support, you'll pay through the nose for it.
What the article doesn't say, is that M$ has the exact same stance. You run 3rd party software with Microsoft Exchange, you lose support from Microsoft on not only Exchange, but probably your install of Windows 2003 Advance Server. Go read your EULAs from top-to-bottom, and you'll see what I mean. For any Microsoft product.
God I hate people slinging FUD around. -
Re:It didn't?
Maybe this is true in the circles you travel in, but I'm afraid the facts are a little different. Here is an excerpt:
According to a recent TechTarget survey of IT professionals, 30% said that Windows already dominates their data center.
From here:
http://search400.techtarget.com/originalContent/0,289142,sid3_gci968400,00.html
You are entitled to your own opinions, but you are not entitled to your own facts. -
Before we canonize Saint Bill:
Take a gander:
Bill Gates's campaign contributions: http://www.newsmeat.com/billionaire_political_donations/Bill_Gates.php
His "Linux attack money": http://lxer.com/module/newswire/view/38971/
Prices gouged on laptops when you buy them without Windows: http://searchopensource.techtarget.com/originalContent/0,289142,sid39_gci1134910,00.html
Some other dirty deeds: http://www.aaxnet.com/editor/edit006.html
Corporate Malfeasance of Microsoft: http://home.comcast.net/~plutarch/malfy.html#ms
You DID know charitable contributions count towards tax breaks in the US, didn't you? Out of all Gates' billions stolen from you and me and every poor person on the planet, he donates a penny (to him) to get himself some extra tax-dodging ammo, and everybody fawns all over him like he was a Saint. PS, I installed a rootkit with this post, which writes the word "gullible" in your Windows system registry. Go look.
-
Re:The facts here are simple
A Google("patriot act" wiretap warrant) led to this page, which says:
The Foreign Intelligence Surveillance Act (FISA) regulates the FBI's collection of "foreign intelligence" information for intelligence purposes. Under the Fourth Amendment, a Title III warrant to intercept a communication must be based on probable cause to believe that a crime has been or is being committed. This is not the general rule under FISA: surveillance under FISA is permitted based on a finding of probable cause that the surveillance target is a foreign power or an agent of a foreign power, irrespective of whether the target is suspected of engaging in criminal activity. The USA PATRIOT Act expanded law enforcement authority to conduct searches and obtain communications under Title III, and also rolled back the already lax restrictions on the FBI's ability to gather information about individuals under FISA.
And from this page:
[...] the PATRIOT Act specifically lowers the threshold for obtaining a full collection warrant for Internet traffic. Instead of needing probable cause as required by Title III, the FBI now only needs to show that the information to be gathered is "relevant to an ongoing criminal investigation." That is a much lower standard than showing probable cause that a crime has been committed.
Clearly, probable cause to believe that criminal activity is occurring is no longer required. It appears that warrants are still technically needed but the requirements are so lax they make the need for a warrant a mere fig leaf of decency.
If Orwell were alive, he'd be rolling in his grave.
-
Re:Not Forever